24/7 monitoring of all network activity is an invaluable tool for enhancing your security posture. An effective Incident Response Plan (IRP) is essential to mitigating attacks, while a Disaster Recovery Plan (DRP) provides support for unexpected environmental obstacles to information systems. For both IRP and DRP, a company must develop strategies to recover from unexpected interruptions, and exercise these plans to ensure all applicable personnel are prepped and aware of their roles. In Topic 5, a minor Business Impact Analysis (BIA) was conducted, which identified the company's critical assets. These assets will be used to aid in the development of a contingency plan to ensure business continuity in the presence of an event.
This assignment exercises the analysis and development of a Lite Contingency Plan (BIA, IRP, DRP, and Business Continuity Plan: BCP). The development of a workflow diagram is essential in displaying the relationship between the four components. This is critical for the IRP and DRP, as an IRP can launch a DRP when a threat disrupts a system through ransomware, DDoS, or other malicious attacks against a system.
Use the following guidelines to create an 8- to 12-page report using the same corporate profile selected earlier.
Business Impact Analysis
- In one to two paragraphs, summarize the objective of conducting a BIA for your selected company. Describe the benefits, potential outcomes, and company enhancements.
- Obtain the list of threats against the assets identified in your Topic 5 assignment, “Risk Management Assessment and Control,” and place them in a table.
- Prioritize this list from highest impact to lowest impact to the company.
- Add a column and describe how loss of the process, system, data, etc., will impact the company.
- Assuming worst-case scenario, add a column and describe the appropriate measures to recover from the threat.
Incident Response Plan (IRP)
In three to four pages, detail an IRP to include:
- Brief overview
- Roles and responsibilities (from Users to CISO)
- Reporting guidelines
- Example workflow diagram – Event to resolution
- Explain the six stages of incident handling as they relate to the company
- Escalation procedures with an associated chart
Disaster Recovery Plan (DRP)
Establish a DRP Policy in one to two pages that contains the following in alignment with the company:
- Purpose
- Scope
- Roles and responsibilities
- Resource requirements
- Training requirements
- Exercise and testing schedules (include IRP exercise and schedules)
- Plan maintenance schedules
Business Continuity Plan (BCP)
In three to four pages, close out the assignment with a complete BC Plan that includes the following:
- Describe which usage strategy (Hot site, Warm site, or Cold site) the company will use and why (explain the benefit to the company).
- Explain how the company will use and sustain the usage strategy.
- Detail the critical systems/assets recovery procedures.
- Provide processes to reestablish business operations and security operations. Include the move from disaster to the alternate site and the restoration back to the original state.
- Provide and describe a worst-case scenario timeline (disaster to recovery).
- Describe readiness, training, exercises, and BC process reviews/updates.
Include diagrams, tables, and charts as directed by the instructor.